Intrusion Prevention

MS.Publisher.Pubconv.Invalid.Index.Memory.Corruption

Description

This indicates an attack attempt against a memory-corruption vulnerability in Microsoft Publisher.
The vulnerability exists in the way Microsoft Publisher parses Publisher 97 format files. It allows an attacker to exploit the vulnerability by sending a specially crafted Publisher file to the user and by convincing the user to open the file.

Affected Products

Microsoft Office XP Service Pack 3
Microsoft Office 2003 Service Pack 3
Microsoft Office 2007 Service Pack 2
Microsoft Office 2010 (32-bit editions)
Microsoft Office 2010 (64-bit editions)

Impact

System compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Apply the patch, available at the vendor's website:
http://www.microsoft.com/technet/security/Bulletin/ms10-103.mspx

CVE References

CVE-2010-2571